Is it possible to manage Active Directory® from a browser? Microsoft®’s traditional directory service has been an on-prem staple since its inception. But, as more resources move to the cloud, some are curious about whether they can port their identity management cloudwards as well.
First, let’s dive into what Active Directory is and why an organization would want browser-based Active Directory in the first place.
Active Directory, On-Prem
Active Directory (AD) is the premier on-prem directory service, used by many organizations to manage user identities and their access to mainly Windows® IT resources. IT organizations often host their AD instances on-prem with physical server stacks.
With modern, cloud innovations, however, AD needs additional tooling to manage new resources that fall outside of its domain. These range anywhere from macOS® and Linux® systems to cloud infrastructure and applications.
In order to manage these disparate resources, IT admins have had to resort to adding on functionality to their AD instance, generally through the assistance of tools like web application single sign-on (SSO) solutions or identity bridges. Over time, these AD add-ons have slowly been lumped together under the larger umbrella of Identity-as-a-Service (IDaaS).
Useful for their specific niches, these IDaaS solutions also offer one feature in particular that has become ideal for modern IT admins: many can be fully managed from the cloud. This lets IT admins effectively manage their users’ authentication and access to cloud-based applications, infrastructure, and non-Windows systems from anywhere in the world — albeit from disparate browser windows.
The extensibility of these browser-based tools sparks curiosity in some admins, wondering if they can achieve the same interfacing experience with their on-prem AD instance. The possibility would enable an IT admin to effectively manage most, if not all, of their identities and access control remotely. For organizations like managed service providers (MSPs) and other IT consultants, this could be a great boon indeed.
Additionally, the graphical user interface (GUI) of AD (pictured above) appears somewhat outdated compared to modern GUIs that feature more visually appealing layouts and input processes. Although many long-time (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/active-directory-browser/